urlscan.io logo urlscan.io
SecurityTrails logo

godtlevert.no Open in urlscan Pro
52.164.250.133  Public Scan

Go To Rescan Add Verdict Report
URL: https://godtlevert.no/
Submission: On September 28 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 18 HTTP transactions. The main IP is 52.164.250.133, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is godtlevert.no.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on November 15th 2016. Valid for: 3 years.
This is the only time godtlevert.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.164.250.133 8075 (MICROSOFT...)
1 54.230.92.31 16509 (AMAZON-02)
1 54.230.95.222 16509 (AMAZON-02)
4 159.122.87.148 36351 (SOFTLAYER)
1 13.107.21.200 8068 (MICROSOFT...)
1 216.58.214.98 15169 (GOOGLE)
1 1 54.230.94.72 16509 (AMAZON-02)
2 54.230.95.115 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 54.230.95.211 16509 (AMAZON-02)
1 216.239.32.21 15169 (GOOGLE)
18 12
2    52.164.250.133 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
godtlevert.no
1    54.230.92.31 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-92-31.fra2.r.cloudfront.net
cdn.segment.com
1    54.230.95.222 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-222.fra2.r.cloudfront.net
sleeknotecustomerscripts.sleeknote.com
4    159.122.87.148 (Frankfurt, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com
dev.visualwebsiteoptimizer.com
1    13.107.21.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
1    216.58.214.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f2.1e100.net
www.googleadservices.com
1    54.230.94.72 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-94-72.fra2.r.cloudfront.net
widget.intercom.io
2    54.230.95.115 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-115.fra2.r.cloudfront.net
js.intercomcdn.com
1    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    54.230.95.211 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-211.fra2.r.cloudfront.net
sleeknotestaticcontent.sleeknote.com
1    216.239.32.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: any-in-2015.1e100.net
analytics.sleeknote.com
Domain Requested by
4 dev.visualwebsiteoptimizer.com godtlevert.no
dev.visualwebsiteoptimizer.com
2 connect.facebook.net cdn.segment.com
connect.facebook.net
2 js.intercomcdn.com godtlevert.no
js.intercomcdn.com
2 godtlevert.no godtlevert.no
1 analytics.sleeknote.com godtlevert.no
1 sleeknotestaticcontent.sleeknote.com sleeknotecustomerscripts.sleeknote.com
1 www.google-analytics.com cdn.segment.com
1 widget.intercom.io 1 redirects
1 www.googleadservices.com cdn.segment.com
1 bat.bing.com cdn.segment.com
1 sleeknotecustomerscripts.sleeknote.com godtlevert.no
1 cdn.segment.com godtlevert.no
0 static.hotjar.com Failed cdn.segment.com
18 13

This site contains no links.

Subject Issuer Validity Valid
*.godtlevert.no
COMODO RSA Domain Validation Secure Server CA		 2016-11-15 -
2019-11-15		 3 years crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2018-05-08 -
2019-07-18		 a year crt.sh
*.sleeknote.com
Amazon		 2018-03-05 -
2019-04-05		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2017-06-30 -
2020-07-06		 3 years crt.sh
www.bing.com
Microsoft IT TLS CA 5		 2017-07-20 -
2019-07-10		 2 years crt.sh
www.googleadservices.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.intercomcdn.com
Amazon		 2018-05-25 -
2019-06-25		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
analytics.sleeknote.com
Let's Encrypt Authority X3		 2018-08-19 -
2018-11-17		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://godtlevert.no/
Frame ID: 12BEFE9CD22F8B7D9EE2001BA52FA087
Requests: 17 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame.2b685ae7.js
Frame ID: 3F4ED61D920997CE9F243A399F25F71C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^Intercom$/i
Overall confidence: 100%
Detected patterns
  • html /<script[\s\S]*cdn\.segment\.com\/analytics.js[\s\S]*script>/i
  • script /cdn\.segment\.com\/analytics\.js/i
  • env /^analytics$/i

Page Statistics

18
Requests

94 %
HTTPS

17 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

1116 kB
Transfer

4587 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://widget.intercom.io/widget/y59cieqk HTTP 302
  • https://js.intercomcdn.com/shim.3ad6f38d.js

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
godtlevert.no/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://godtlevert.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.164.250.133 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7d503c639bc279e49d8ea42989982b7bf5344c4edf81b7f62ec4fb4023e66683

Request headers

Host
godtlevert.no
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Last-Modified
Fri, 21 Sep 2018 13:19:39 GMT
Accept-Ranges
bytes
ETag
W/"150f-165fc492fc0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Set-Cookie
ARRAffinity=83319adfc3145a47856c151ebe6837a96abbf4a69cdfaebfd71b4adbbb49d223;Path=/;HttpOnly;Domain=godtlevert.no
Date
Fri, 28 Sep 2018 21:48:16 GMT
main.499b2fa4.js
godtlevert.no/static/js/ 		1 MB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://godtlevert.no/static/js/main.499b2fa4.js
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.164.250.133 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
49587441e1aa886490fade82efe150bfd670c3d13d2cf2964fc7a6d22a9c2345

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
godtlevert.no
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://godtlevert.no/
Cookie
ARRAffinity=83319adfc3145a47856c151ebe6837a96abbf4a69cdfaebfd71b4adbbb49d223
Connection
keep-alive
Cache-Control
no-cache
Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 28 Sep 2018 21:48:16 GMT
Content-Encoding
gzip
ETag
W/"1560b7-165fc49302e"
Last-Modified
Fri, 21 Sep 2018 13:19:39 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=43200
Transfer-Encoding
chunked
Accept-Ranges
bytes
analytics.min.js
cdn.segment.com/analytics.js/v1/Dkgu3dIeRKyTFJ7eR01OaJyql2nw5F67/ 		485 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/Dkgu3dIeRKyTFJ7eR01OaJyql2nw5F67/analytics.min.js
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.92.31 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-92-31.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
285fa943a98bac6c5dfbfc0eab8e6cac592fb3edabc102e3f3629420ad5663b8

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 21:48:18 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
x-cache
Miss from cloudfront
status
200
x-amz-replication-status
COMPLETED
last-modified
Fri, 28 Sep 2018 19:31:06 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
U5mwYTHFc9GLFW6NDocraNZEhUNERDcq
via
1.1 28edd995979e84232ebdb595b33d9deb.cloudfront.net (CloudFront)
cache-control
public, max-age=120
content-type
text/javascript; charset=utf-8
x-amz-cf-id
F4_OFsJNZZ4cjf5Y0qavOzSmJSMLhRAdMXk6UpTBXiIaC_DoGvpwPg==
12421.js
sleeknotecustomerscripts.sleeknote.com/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sleeknotecustomerscripts.sleeknote.com/12421.js
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.222 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-222.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0093c04132b1178bb0a9b72f0e92b9a13c6f854434958ac115deb4339507369

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:19:26 GMT
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 08:59:17 GMT
server
AmazonS3
etag
"bd6826632e20142f8fdb82a2e0f1ee4d"
x-cache
RefreshHit from cloudfront
x-amz-version-id
U3C3Mumcp8jslQBkd2oboVhm7v.gaGM7
status
200
cache-control
max-age=60
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
content-length
2335
via
1.1 8602503af95a7bac32a020063ca51410.cloudfront.net (CloudFront)
x-amz-cf-id
rhmhuSXR7VSKHUvlRD-oNLU2Isp-YiHfdgelGkA_fNLgGEeyq2J2UQ==
j.php
dev.visualwebsiteoptimizer.com/ 		1 KB
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=346162&u=https%3A%2F%2Fgodtlevert.no%2F&f=1&r=0.8640038363224329
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
fcb34631504859f06ad677e053dbace98d48ae9566e9960aa25a112978daaedd

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 28 Sep 2018 21:48:16 GMT
content-encoding
gzip
server
fra1dacdn
content-type
application/javascript; charset=UTF-8
va-8b06bc695616e6daa2f917a15f283151.js
dev.visualwebsiteoptimizer.com/5.0/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/5.0/va-8b06bc695616e6daa2f917a15f283151.js
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
952e54eba573d03254042392a08f6f086a2a417dbbc1de165b2aefae3e48be7a

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 21:48:16 GMT
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 12:03:48 GMT
server
fra1dacdn
etag
"5bacc724-c92a"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
51498
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=346162&d=godtlevert.no&u=D1A0742C97F0FDBDA28AB2FDEDD72856E&h=d5622bf1455732e5b908f5a72b1440e9&t=false&r=0.41582761414245684
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Sep 2018 21:48:16 GMT
x-content-type-options
nosniff
server
fra1dacdn
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
settings.js
dev.visualwebsiteoptimizer.com/ 		147 B
211 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=346162&settings_type=1&r=0.36716488582764684
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/5.0/va-8b06bc695616e6daa2f917a15f283151.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
0da7a8b495393ddf8a72129a7ed846325c0d98df907abd9b1934410de6bf4681

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 28 Sep 2018 21:48:16 GMT
content-encoding
gzip
server
fra1dacdn
content-type
application/javascript; charset=UTF-8
hotjar-519743.js
static.hotjar.com/c/ 		0
0
bat.js
bat.bing.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Dkgu3dIeRKyTFJ7eR01OaJyql2nw5F67/analytics.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 21:48:18 GMT
content-encoding
gzip
last-modified
Thu, 26 Jul 2018 13:15:21 GMT
x-msedge-ref
Ref A: F686F0BF40BA424397662EB5D8AA923A Ref B: FRAEDGE0915 Ref C: 2018-09-28T21:48:19Z
status
200
etag
"80ba7eb4e224d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7020
conversion_async.js
www.googleadservices.com/pagead/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Dkgu3dIeRKyTFJ7eR01OaJyql2nw5F67/analytics.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.214.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f2.1e100.net
Software
cafe /
Resource Hash
86c08461d833a15b8629c0a69f5e4596cec928386cb21f999dcdb6673179feed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 21:48:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8198
x-xss-protection
1; mode=block
server
cafe
etag
5504586355873633278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 28 Sep 2018 21:48:19 GMT
shim.3ad6f38d.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/y59cieqk
  • https://js.intercomcdn.com/shim.3ad6f38d.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.3ad6f38d.js
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.115 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bf46d2fd41a9e3b4e18c52411743aa5afd3863197cd86d5a32f407e696fb105

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 21:03:05 GMT
content-encoding
gzip
last-modified
Fri, 28 Sep 2018 21:03:04 GMT
server
AmazonS3
age
2715
etag
"224a8c3201da4314aecda964e30bd653"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
1151
via
1.1 bb93dfaee440e32ac88831363641e2c2.cloudfront.net (CloudFront)
x-amz-cf-id
MdseU0_38ulug-X1V9TsSMF-Xk17gBLzXN1xqBCaGfEKiozoRlkPBg==

Redirect headers

date
Fri, 28 Sep 2018 21:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
x-cache
Hit from cloudfront
status
302, 302 Found
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
005c6u8crc0h9iq36l1g
x-runtime
0.005148
location
https://js.intercomcdn.com/shim.3ad6f38d.js
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31557600; includeSubDomains; preload
content-type
text/html; charset=utf-8
via
1.1 9de9a776d0da209cb66ec4bd03877799.cloudfront.net (CloudFront)
x-intercom-version
25b731c63b0eaaec2c20fe3a9ef96c4211a472da
cache-control
no-cache
x-amz-cf-id
SCaLFLWYgL-w1qO5kHvn0SS4XTwfn_DKRluQRPaPIiKneKZpdf98Fg==
analytics.js
www.google-analytics.com/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Dkgu3dIeRKyTFJ7eR01OaJyql2nw5F67/analytics.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
553
date
Fri, 28 Sep 2018 21:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Fri, 28 Sep 2018 23:39:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/Dkgu3dIeRKyTFJ7eR01OaJyql2nw5F67/analytics.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
5e4fb5563218c9d2c6548a50764e052853fe611f3bd3e9e6b353c079a16b618f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
public
x-fb-debug
lT/4+9yS9bPm1X3IcU7KkEjo46h/ge0Fya86uManY5ZQypB2lnj1a59ZSYsRBVnVCXh5BBSHP8rALwgG3ljNsg==
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Sep 2018 21:48:19 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
14117
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
317051282040139
connect.facebook.net/signals/config/ 		87 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/317051282040139?v=2.8.30&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d9fedf054c0c72e087b74ad713b36f3dc7676b359ac23a7d4b93c113719ef420
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
A54Gm+G8i3fd+hC2CQK2FXE3DeyGuYVyWWj4waZsHyKE0hAcjYqJjsrPKnBFGZESoqyLBWiKV+WpqLtCkyFltQ==
x-frame-options
DENY
date
Fri, 28 Sep 2018 21:48:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
frame.2b685ae7.js
js.intercomcdn.com/ Frame 3F4E 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame.2b685ae7.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.3ad6f38d.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.115 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42c9f57e5b0f46198739c944c5fedec99f95f47f4d22c5ed414524e5af14e30b

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 21:03:06 GMT
content-encoding
gzip
last-modified
Fri, 28 Sep 2018 21:03:04 GMT
server
AmazonS3
age
2714
etag
"982b5210466cdcf169d966bc9c0ae4a3"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=604800, s-maxage=7200, public
accept-ranges
bytes
content-length
516498
via
1.1 bb93dfaee440e32ac88831363641e2c2.cloudfront.net (CloudFront)
x-amz-cf-id
LQPXe01eLVNvOTZu_8fLFoQ7il6uc3KE8CCjCPn2DXAJs_rvcWNhFg==
core.js
sleeknotestaticcontent.sleeknote.com/ 		179 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sleeknotestaticcontent.sleeknote.com/core.js
Requested by
Host: sleeknotecustomerscripts.sleeknote.com
URL: https://sleeknotecustomerscripts.sleeknote.com/12421.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.211 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-211.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a2a2328430210e835ea4e0653426a257cc0763e1bafc3a65574fb7b9bc8abc6

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 10:01:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 10:01:16 GMT
server
AmazonS3
age
128824
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
AlgTA5lksf2VNx31lbFAEtqLu1fL59K2
status
200
cache-control
max-age=604800
content-type
application/javascript
x-amz-cf-id
iMkhfFxlu9toPqOC4hIZXujfwmrwRPxFK1Z72d79BJNudn-7Z-qKOQ==
via
1.1 249b0d921fdb938596674ad935677340.cloudfront.net (CloudFront)
/
analytics.sleeknote.com/ 		35 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.sleeknote.com/?v8=2_pageview&v0=f5e12f8f-2c64-4719-8c03-30007fd2c3b9&v3=2018-09-28T21%3A48%3A27Z&v4=&v6=2018-09-28T21%3A48%3A27Z&v20=true&v21=cfa31886-8fec-4c25-9102-0561f32b4a10&v25=true&v27=0&s1=12421&s2=Godtlevert.no&s3=godtlevert.no&s4=https%3A%2F%2Fgodtlevert.no%2F&s9=https%3A&s11=%2F&s12=&s13=&c1=&s7=en-US&v2=11787&v5=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36&v22=chrome&v23=67&v24=mac&v26=desktop
Requested by
Host: godtlevert.no
URL: https://godtlevert.no/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.239.32.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
any-in-2015.1e100.net
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://godtlevert.no/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Sep 2018 21:48:27 GMT
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
35
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.hotjar.com
URL
https://static.hotjar.com/c/hotjar-519743.js?sv=5

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| analytics object| _vwo_code number| settings_timer number| _vwo_settings_timer number| _vwo_acc_id string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWO function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev object| _vwo_t object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath number| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| uetq function| Intercom object| _hjSelf function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga function| _fbq function| fbq object| google_tag_data object| gaplugins object| sa object| gaGlobal function| GooglemKTybQhCsO function| google_trackConversion function| UET object| SleekNote

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.sleeknote.com
bat.bing.com
cdn.segment.com
connect.facebook.net
dev.visualwebsiteoptimizer.com
godtlevert.no
js.intercomcdn.com
sleeknotecustomerscripts.sleeknote.com
sleeknotestaticcontent.sleeknote.com
static.hotjar.com
widget.intercom.io
www.google-analytics.com
www.googleadservices.com
static.hotjar.com
13.107.21.200
159.122.87.148
216.239.32.21
216.58.214.98
2a00:1450:4001:816::200e
2a03:2880:f01c:8012:face:b00c:0:3
52.164.250.133
54.230.92.31
54.230.94.72
54.230.95.115
54.230.95.211
54.230.95.222
0da7a8b495393ddf8a72129a7ed846325c0d98df907abd9b1934410de6bf4681
285fa943a98bac6c5dfbfc0eab8e6cac592fb3edabc102e3f3629420ad5663b8
2bf46d2fd41a9e3b4e18c52411743aa5afd3863197cd86d5a32f407e696fb105
3a9b1aaf047d7ab5119bb338a86bee9788c4e79392d4abb12408d62bec6e86fb
42c9f57e5b0f46198739c944c5fedec99f95f47f4d22c5ed414524e5af14e30b
49587441e1aa886490fade82efe150bfd670c3d13d2cf2964fc7a6d22a9c2345
5e4fb5563218c9d2c6548a50764e052853fe611f3bd3e9e6b353c079a16b618f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7d503c639bc279e49d8ea42989982b7bf5344c4edf81b7f62ec4fb4023e66683
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c08461d833a15b8629c0a69f5e4596cec928386cb21f999dcdb6673179feed
952e54eba573d03254042392a08f6f086a2a417dbbc1de165b2aefae3e48be7a
9a2a2328430210e835ea4e0653426a257cc0763e1bafc3a65574fb7b9bc8abc6
b0093c04132b1178bb0a9b72f0e92b9a13c6f854434958ac115deb4339507369
d9fedf054c0c72e087b74ad713b36f3dc7676b359ac23a7d4b93c113719ef420
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
fcb34631504859f06ad677e053dbace98d48ae9566e9960aa25a112978daaedd